Its common sense really, and im sure TLG can manage without your business.

90% of the questions Abefroman ask, are already answered. This is NOT a forum to help you administrate your server. This forums purpose is to assist others and discuss cPanel related topics. With all these unmanaged server providers popping up, everyone and their dog think they can now run a hosting business. Its just not that easy, and if he wants help, he's going to have to learn how to help himself ( google.com ) and utilize the tools already provided for him rather than waste the space he takes up posting his nonsense.

I think we can all have a say, perhaps we all don't see eye to eye, but its going to sink in some time.

Abefroman, might I suggest you head over to http://www.webhostingtalk.com ( technical and security forums might be the best place to post ). Otherwise, please try and keep it to the newbie forums. Might help us hold on to what sanity we do have left :P :D

Abefroman, might I suggest you head over to http://www.webhostingtalk.com ( technical and security forums might be the best place to post ). Otherwise, please try and keep it to the newbie forums. Might help us hold on to what sanity we do have left :P :D

Click to expand...

WHT sucks, I will continue to post here, I have made several helpful posts in threads that other people have started.

By simply chmod'ing the file so that no none-wheel or root user can use them we can eliminate many possible problems. The downside to doing this is that shell users will be inconvenienced by not being able to use the the commands below. Mod_security really removes the need to chmod this, but it is an added layer of protection.

Got to agree with that. The moderators act like god like being and, if you're one of their advertisers, you can get away with anything. I got banned for asked a host why they didn't honor their 30 day guantee when they keep posting about it. I posted politely about my account which I had closed out within 7 days after having a 41% uptime rating, they complained, away I went. Follow ups went unanswered and INet basicly told me that I should be kissing their rear for "providing such a rich environment" IIRC.

I am NOT a security expert at all, but I wanted to share some thoughts on security. I owe the little knowledge that I do know to many generous posters here on the forum, employees and friends in the industry.

I don't know if there is any such thing as a "Hack Proof" machine, but there are steps that you can take to help secure your system. Someone chimed in on many simple and important things in this post. Here are some ideas:

1.) Limit php functions
2.) Run /scripts/securetmp (Someone defaced EVERY index.htm* file on one of our servers a few years back because they were able to put a file and execute it from the tmp directory . . . we were ignorant)
3.) Install a firewall and block everything except for needed ports. This is easy to do and will help.
4.) Enable suexec. If you can't enable suexec, run a script that will email you process that are ran as nobody every few hours. This will only HELP detect hacks that are already present on the system that are running as nobody at the time the script is executed. Believe me, many of these scripts can run for hours, days, weeks . . .
5.) jailshell your shell users and ONLY grant shell to people who need it. Monitor what your users are doing. If you think that someone is doing something wrong take a peek at their .bash_history (If they did not dlete it)
6.) Run chkrootkit which again . . . will only HELP detect root kits. If you have a machine that is compromised, move your users off of the server to a 100% clean server.
7.) For heavens sake, secure your root password and change it. Don't login directly via root (disable that feature if possible)
8.) A script that will notify you when someone has logged in as root (don't rely on that 100%)
9.) Save some money and hire an expert to "harden" your machines and give you pointers.
10.) Install IDS and some type of application that will check checksum of "common hacked binary"
11.) Keep your kernel and software up2date! Especially forum web apps and PHPNUKE!
12.) BFD (Brute Force Detection). Parse or grep your /var/message log for things like invalid user and things like that. YOU ARE GOING TO FIND Brute Force Attempts if your computer is plugged into the Internet. Block ip addresses that do attempt to BF in to your box.
13.) Security (Good security) is a full-time job. Hire a good security analyst

A nice simple script to help detect process ran as nobody:
*NOTE, some process such as perl/cgi httpd processes are normal. Its little processes such as .eggdrop and other suspicious process that are ran as nobody.